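Техническая информация
(Подзаголовки разделов в этом фрагменте не сохранились. Судя по содержимому, ниже по порядку перечислены запускаемые процессы, пути к файлам, сетевые адреса и HTTP/DNS-запросы, а также классы окон; повторяющиеся пути, по-видимому, относятся к разным группам файловых операций, названия которых утрачены. Символы «#» в имени хоста и параметрах запросов, вероятно, скрывают часть исходного значения.)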
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- <LS_APPDATA>\2F64GKsh7\ELtMyQacu
- <LS_APPDATA>\2F64GKsh7\bzWhWK0GKNu
- <LS_APPDATA>\2F64GKsh7\vXqhDXf2C
- <LS_APPDATA>\2F64GKsh7\HTu7FwUWOg
- <LS_APPDATA>\2F64GKsh7\2q7LsTx8vqo
- <LS_APPDATA>\2F64GKsh7\316ROwZppx.dll
- %TEMP%\frAQBc8Wsa.jpeg
- %TEMP%\frAQBc8Wsa.bmp
- <LS_APPDATA>\2F64GKsh7\vXqhDXf2C
- <LS_APPDATA>\2F64GKsh7\HTu7FwUWOg
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <LS_APPDATA>\2F64GKsh7\ELtMyQacu
- <LS_APPDATA>\2F64GKsh7\bzWhWK0GKNu
- <LS_APPDATA>\2F64GKsh7\2q7LsTx8vqo
- %TEMP%\frAQBc8Wsa.jpeg
- %TEMP%\frAQBc8Wsa.bmp
- 'kl##stat.eu':80
- 'localhost':1039
- kl##stat.eu/index3.php?ne################
- kl##stat.eu/index3.php?BO##########################################################################################################################################################
- kl##stat.eu/index3.php?st#################################################################################
- DNS ASK kl##stat.eu
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''